<?
function loggedin(){
if(isset($_COOKIE["username"]){
	$query = sprintf("SELECT * FROM ".$prefix." WHERE user='%s' AND password='%s'",
        mysql_real_escape_string($_COOKIE["username"]),
        mysql_real_escape_string($_COOKIE["password"]);
	$result = mysql_query($query);
	while($row = mysql_fetch_array($result))
        if ($row['user'] = $_COOKIE["username"]) && ($row['password'] = $_COOKIE["password"])
			Return(True);
}
}

if (!loggedin())
	header("Location: login.php")

?>